Win32 s'est installé dans mon ordi
Résolu
maninie
-
g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention -
g!rly Messages postés 18215 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour,
J'ai un cheval de troie sur mon ordi, et je ne sais absolument pas quoi faire (à part mettre en quarantaine, mais ça ne résoud rien au final ;-)
Il s'agit de WIN32.
Quelqu'un peut-il m'aider???
Merci d'avance
J'ai un cheval de troie sur mon ordi, et je ne sais absolument pas quoi faire (à part mettre en quarantaine, mais ça ne résoud rien au final ;-)
Il s'agit de WIN32.
Quelqu'un peut-il m'aider???
Merci d'avance
A voir également:
- Win32 s'est installé dans mon ordi
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Mon ordi ne reconnait pas ma clé usb - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
- Plus de son sur mon ordi - Guide
123 réponses
Et maintenant je n'arrive plus à ouvrir mes mails pour avoir tes réponses... Tout va bien, je reste zen ;-)
Bonjour,
Bon, j'ai redémmaré l'ordi, et ça a l'air de mieux aller pour ma boite mail.
Alors, je fais quoi?
Bon, j'ai redémmaré l'ordi, et ça a l'air de mieux aller pour ma boite mail.
Alors, je fais quoi?
Bonjour,
voilà le rapport coComboFix 07-11-19.3 - Xavier et Magali 2007-11-23 12:53:52.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.479 [GMT 1:00]
Running from: C:\DOCUME~1\XAVIER~1\Bureau\combofix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-23 to 2007-11-23 ))))))))))))))))))))))))))))))))))))
.
2007-11-23 09:58 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-22 18:09 19,856 --a------ C:\WINDOWS\system32\foubwzf.exe
2007-11-22 17:58 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-22 15:41 19,856 --a------ C:\WINDOWS\system32\daqf.exe
2007-11-22 14:04 19,856 --a------ C:\WINDOWS\system32\iuafiinm.exe
2007-11-22 11:45 19,856 --a------ C:\WINDOWS\system32\oxdmmkg.exe
2007-11-21 13:07 <REP> d-------- C:\Program Files\Panda Security
2007-11-20 23:37 5,532 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log
2007-11-20 23:02 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2007-11-20 23:02 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2007-11-20 19:17 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-20 19:17 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-11-16 20:42 <REP> d-------- C:\Program Files\QuickTime
2007-11-16 20:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-16 20:40 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-16 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-10-27 11:16 <REP> d-------- C:\Program Files\Dofus
2007-10-26 21:19 <REP> d-------- C:\WINDOWS\cache-cache
2007-10-26 21:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-23 11:44 --------- d-----w C:\Program Files\Wanadoo
2007-11-22 10:37 19,856 ----a-w C:\WINDOWS\system32\zmqr.exe
2007-11-22 09:02 19,856 ----a-w C:\WINDOWS\system32\vltytj.exe
2007-11-22 07:57 1,152 ----a-w C:\Documents and Settings\Xavier et Magali\Application Data\wklnhst.dat
2007-11-22 07:12 19,856 ----a-w C:\WINDOWS\system32\tdualgti.exe
2007-11-20 22:37 --------- d-----w C:\Program Files\Java
2007-11-08 07:53 --------- d-----w C:\Program Files\eMule
2007-11-01 17:32 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\LimeWire
2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-20 15:06 --------- d-----w C:\Program Files\LimeWire
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Favorites
2007-10-14 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-10-13 13:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-13 13:24 --------- d-----w C:\Program Files\Orange
2007-10-13 13:24 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\Voxmobili
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 22:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-25 20:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-04-26 20:48 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 21:29 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 06:01]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-04-11 20:54]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 13:38]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-02 09:36]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-05-15 19:33]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 22:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 22:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-10-13 14:24:26]
R2 OPTENET_FILTER;Control Parental;C:\Program Files\Controle Parental\bin\optproxy.exe
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-16 19:40:54 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-23 11:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 12:55:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????,?@? ???@X??????R?@?????,?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-23 12:55:49
C:\ComboFix2.txt ... 2007-11-23 10:34
.
--- E O F ---
mbofix
voilà le rapport coComboFix 07-11-19.3 - Xavier et Magali 2007-11-23 12:53:52.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.479 [GMT 1:00]
Running from: C:\DOCUME~1\XAVIER~1\Bureau\combofix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-23 to 2007-11-23 ))))))))))))))))))))))))))))))))))))
.
2007-11-23 09:58 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-22 18:09 19,856 --a------ C:\WINDOWS\system32\foubwzf.exe
2007-11-22 17:58 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-22 15:41 19,856 --a------ C:\WINDOWS\system32\daqf.exe
2007-11-22 14:04 19,856 --a------ C:\WINDOWS\system32\iuafiinm.exe
2007-11-22 11:45 19,856 --a------ C:\WINDOWS\system32\oxdmmkg.exe
2007-11-21 13:07 <REP> d-------- C:\Program Files\Panda Security
2007-11-20 23:37 5,532 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log
2007-11-20 23:02 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2007-11-20 23:02 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2007-11-20 19:17 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-20 19:17 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-11-16 20:42 <REP> d-------- C:\Program Files\QuickTime
2007-11-16 20:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-16 20:40 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-16 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-10-27 11:16 <REP> d-------- C:\Program Files\Dofus
2007-10-26 21:19 <REP> d-------- C:\WINDOWS\cache-cache
2007-10-26 21:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-23 11:44 --------- d-----w C:\Program Files\Wanadoo
2007-11-22 10:37 19,856 ----a-w C:\WINDOWS\system32\zmqr.exe
2007-11-22 09:02 19,856 ----a-w C:\WINDOWS\system32\vltytj.exe
2007-11-22 07:57 1,152 ----a-w C:\Documents and Settings\Xavier et Magali\Application Data\wklnhst.dat
2007-11-22 07:12 19,856 ----a-w C:\WINDOWS\system32\tdualgti.exe
2007-11-20 22:37 --------- d-----w C:\Program Files\Java
2007-11-08 07:53 --------- d-----w C:\Program Files\eMule
2007-11-01 17:32 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\LimeWire
2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-20 15:06 --------- d-----w C:\Program Files\LimeWire
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Favorites
2007-10-14 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-10-13 13:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-13 13:24 --------- d-----w C:\Program Files\Orange
2007-10-13 13:24 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\Voxmobili
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 22:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-25 20:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-04-26 20:48 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 21:29 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 06:01]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-04-11 20:54]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 13:38]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-02 09:36]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-05-15 19:33]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 22:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 22:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-10-13 14:24:26]
R2 OPTENET_FILTER;Control Parental;C:\Program Files\Controle Parental\bin\optproxy.exe
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-16 19:40:54 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-23 11:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 12:55:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????,?@? ???@X??????R?@?????,?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-23 12:55:49
C:\ComboFix2.txt ... 2007-11-23 10:34
.
--- E O F ---
mbofix
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
ComboFix 07-11-19.3 - Xavier et Magali 2007-11-23 13:02:26.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.471 [GMT 1:00]
Running from: C:\Documents and Settings\Xavier et Magali\Bureau\combofix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-23 to 2007-11-23 ))))))))))))))))))))))))))))))))))))
.
2007-11-23 09:58 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-22 18:09 19,856 --a------ C:\WINDOWS\system32\foubwzf.exe
2007-11-22 17:58 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-22 15:41 19,856 --a------ C:\WINDOWS\system32\daqf.exe
2007-11-22 14:04 19,856 --a------ C:\WINDOWS\system32\iuafiinm.exe
2007-11-22 11:45 19,856 --a------ C:\WINDOWS\system32\oxdmmkg.exe
2007-11-21 13:07 <REP> d-------- C:\Program Files\Panda Security
2007-11-20 23:37 5,532 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log
2007-11-20 23:02 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2007-11-20 23:02 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2007-11-20 19:17 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-20 19:17 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-11-16 20:42 <REP> d-------- C:\Program Files\QuickTime
2007-11-16 20:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-16 20:40 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-16 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-10-27 11:16 <REP> d-------- C:\Program Files\Dofus
2007-10-26 21:19 <REP> d-------- C:\WINDOWS\cache-cache
2007-10-26 21:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-23 11:44 --------- d-----w C:\Program Files\Wanadoo
2007-11-22 10:37 19,856 ----a-w C:\WINDOWS\system32\zmqr.exe
2007-11-22 09:02 19,856 ----a-w C:\WINDOWS\system32\vltytj.exe
2007-11-22 07:57 1,152 ----a-w C:\Documents and Settings\Xavier et Magali\Application Data\wklnhst.dat
2007-11-22 07:12 19,856 ----a-w C:\WINDOWS\system32\tdualgti.exe
2007-11-20 22:37 --------- d-----w C:\Program Files\Java
2007-11-08 07:53 --------- d-----w C:\Program Files\eMule
2007-11-01 17:32 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\LimeWire
2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-20 15:06 --------- d-----w C:\Program Files\LimeWire
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Favorites
2007-10-14 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-10-13 13:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-13 13:24 --------- d-----w C:\Program Files\Orange
2007-10-13 13:24 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\Voxmobili
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 22:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-25 20:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-04-26 20:48 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 21:29 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 06:01]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-04-11 20:54]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 13:38]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-02 09:36]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-05-15 19:33]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 22:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 22:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-10-13 14:24:26]
R2 OPTENET_FILTER;Control Parental;C:\Program Files\Controle Parental\bin\optproxy.exe
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-16 19:40:54 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-23 11:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 13:03:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????,?@? ???@X??????R?@?????,?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-23 13:03:24
C:\ComboFix2.txt ... 2007-11-23 12:55
C:\ComboFix3.txt ... 2007-11-23 10:34
.
--- E O F ---
ComboFix 07-11-19.3 - Xavier et Magali 2007-11-23 13:02:26.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.471 [GMT 1:00]
Running from: C:\Documents and Settings\Xavier et Magali\Bureau\combofix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-23 to 2007-11-23 ))))))))))))))))))))))))))))))))))))
.
2007-11-23 09:58 <REP> d-------- C:\Program Files\Hijackthis Version Française
2007-11-22 18:09 19,856 --a------ C:\WINDOWS\system32\foubwzf.exe
2007-11-22 17:58 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-11-22 15:41 19,856 --a------ C:\WINDOWS\system32\daqf.exe
2007-11-22 14:04 19,856 --a------ C:\WINDOWS\system32\iuafiinm.exe
2007-11-22 11:45 19,856 --a------ C:\WINDOWS\system32\oxdmmkg.exe
2007-11-21 13:07 <REP> d-------- C:\Program Files\Panda Security
2007-11-20 23:37 5,532 --a------ C:\WINDOWS\system32\jupdate-1.6.0_03-b05.log
2007-11-20 23:02 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2007-11-20 23:02 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2007-11-20 19:17 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-20 19:17 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-11-16 20:42 <REP> d-------- C:\Program Files\QuickTime
2007-11-16 20:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-16 20:40 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-16 20:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-10-27 11:16 <REP> d-------- C:\Program Files\Dofus
2007-10-26 21:19 <REP> d-------- C:\WINDOWS\cache-cache
2007-10-26 21:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-23 11:44 --------- d-----w C:\Program Files\Wanadoo
2007-11-22 10:37 19,856 ----a-w C:\WINDOWS\system32\zmqr.exe
2007-11-22 09:02 19,856 ----a-w C:\WINDOWS\system32\vltytj.exe
2007-11-22 07:57 1,152 ----a-w C:\Documents and Settings\Xavier et Magali\Application Data\wklnhst.dat
2007-11-22 07:12 19,856 ----a-w C:\WINDOWS\system32\tdualgti.exe
2007-11-20 22:37 --------- d-----w C:\Program Files\Java
2007-11-08 07:53 --------- d-----w C:\Program Files\eMule
2007-11-01 17:32 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\LimeWire
2007-10-25 16:56 8,510,976 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 09:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2007-10-20 15:06 --------- d-----w C:\Program Files\LimeWire
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-10-14 21:01 --------- d-----w C:\Program Files\Windows Live Favorites
2007-10-14 21:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-10-13 13:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-13 13:24 --------- d-----w C:\Program Files\Orange
2007-10-13 13:24 --------- d-----w C:\Documents and Settings\Xavier et Magali\Application Data\Voxmobili
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2005-09-24 06:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 22:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-25 20:52]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 21:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-05 22:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-04-26 20:48 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-04-17 21:29 C:\WINDOWS\system32\CHDAudPropShortcut.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-04-01 06:01]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2006-04-11 20:54]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-03-07 13:38]
"Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-05-02 09:36]
"RecGuard"="C:\Windows\SMINST\RecGuard.exe" [2005-10-11 09:23]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-05-15 19:33]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 22:00 C:\WINDOWS\system32\bthprops.cpl]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 22:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide de HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2005-09-24 08:39:30]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-10-13 14:24:26]
R2 OPTENET_FILTER;Control Parental;C:\Program Files\Controle Parental\bin\optproxy.exe
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-16 19:40:54 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-23 11:50:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 13:03:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe????????????,?@? ???@X??????R?@?????,?@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-23 13:03:24
C:\ComboFix2.txt ... 2007-11-23 12:55
C:\ComboFix3.txt ... 2007-11-23 10:34
.
--- E O F ---
Bonjour,
Logfile of HijackThis v1.99.1
Scan saved at 13:07:26, on 23/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fbae2899cd74139adc51ae5d7607613
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fbae2899cd74139adc51ae5d7607613
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5E050E5-689B-42B2-954E-B8EE612573D5}: NameServer = 81.253.149.9 80.10.246.3
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
Logfile of HijackThis v1.99.1
Scan saved at 13:07:26, on 23/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Controle Parental\bin\optproxy.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe
C:\Program Files\Orange\Logiciel de Synchronisation Orange\SyncManager.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logiciel de Synchronisation Orange.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?fbae2899cd74139adc51ae5d7607613
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?fbae2899cd74139adc51ae5d7607613
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8436FE12-31DB-48BF-83BF-FE682F9160B4} (NanoInstaller Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5E050E5-689B-42B2-954E-B8EE612573D5}: NameServer = 81.253.149.9 80.10.246.3
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe
ok
a l´aide de hijack this coche ceci :
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
fix la ligne :
tuto :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
clcik sur demarrer demarrer / executer tape sc stop FTRTSVC puis valide par ok (avec les espace tu peux meme faire un copié collé de la ligne
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
tu n´as pas de par feu!!!
instales en un pour ne plus avoir ce genre de probleme :
par feu : kerio 4.2
https://forums.cnetfrance.fr
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
ou zone alarm plus facil a configurer mais moins performant
http://www.kachouri.com/tuto/tuto-143-zonealarm-installation-du-firewall--pare-feu.html
puis regarde ceci :
Antivir vs Avast :
->http://forum.malekal.com/ftopic3528.php
alors pour une meilleure protection, desinstal avast et instal antivir :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php
ta version de internet explorer n´est pas a jour, 6.0 > tu veux la version 7.0
alors fais les mises a jour windows sur le site de microsoft up dates
puis meme avec la version 7.0 il serait judicieux de surfer avec firefox ( plus sur ) tout en gardant internet explorer pour les mises a jour windows...
http://www.firefox.fr/
puis pour verifier que tout est renré dans l´ordre :
A.V.G :
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
post le rapport d´analyse d´avg
@+
a l´aide de hijack this coche ceci :
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
fix la ligne :
tuto :
-> http://pageperso.aol.fr/balltrap34/demohijack.htm
clcik sur demarrer demarrer / executer tape sc stop FTRTSVC puis valide par ok (avec les espace tu peux meme faire un copié collé de la ligne
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
tu n´as pas de par feu!!!
instales en un pour ne plus avoir ce genre de probleme :
par feu : kerio 4.2
https://forums.cnetfrance.fr
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
ou zone alarm plus facil a configurer mais moins performant
http://www.kachouri.com/tuto/tuto-143-zonealarm-installation-du-firewall--pare-feu.html
puis regarde ceci :
Antivir vs Avast :
->http://forum.malekal.com/ftopic3528.php
alors pour une meilleure protection, desinstal avast et instal antivir :
->https://www.malekal.com/avira-free-security-antivirus-gratuit/
http://mickael.barroux.free.fr/securite/antivir.php
ta version de internet explorer n´est pas a jour, 6.0 > tu veux la version 7.0
alors fais les mises a jour windows sur le site de microsoft up dates
puis meme avec la version 7.0 il serait judicieux de surfer avec firefox ( plus sur ) tout en gardant internet explorer pour les mises a jour windows...
http://www.firefox.fr/
puis pour verifier que tout est renré dans l´ordre :
A.V.G :
-> Télécharger AVG Anti-Spyware (ewido)
http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware
-> L´installer.
-> lancer AVG Anti-Spyware et clicker sur le bouton Mise à jour. Patienter...
p.s : si les mises a jours ne se font pas, elles sont telechargable ici :
http://downloads.ewido.net/avgas-signatures-full-current.exe
-> Sur la page "analyse":
choisir d´abord l'onglet "paramètres".
sous « Comment réagir » clicker sur « Actions recommandées » et dans le menu déroulant, choisir « Supprimer ».
-> Lancer le scan, (c´est long...).
-> A la fin du scan copier Et coller le rapport ici.
-> Une aide en image au cas ou :
Tutoriel d´installation et de parametrages :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
post le rapport d´analyse d´avg
@+
Bonjour,
J'en suis là:
clcik sur demarrer demarrer / executer tape sc stop FTRTSVC puis valide par ok (avec les espace tu peux meme faire un copié collé de la ligne
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
mais je ne sais pas sur quel "démarrer" je dois cliquer??? celui en bas à gauche de mon écran ou bien dans hijack this?
J'en suis là:
clcik sur demarrer demarrer / executer tape sc stop FTRTSVC puis valide par ok (avec les espace tu peux meme faire un copié collé de la ligne
demarrer/ executer tape sc delete FTRTSVC puis valide par ok"
mais je ne sais pas sur quel "démarrer" je dois cliquer??? celui en bas à gauche de mon écran ou bien dans hijack this?
Bon, ça va c'est ce que j'ai fait.
A priori, tu me conseilles aussi de changer d'antivirus. Est-ce que je supprime avast d'abord, ou bien je télécharge l'autre et je supprime avast ensuite?
A priori, tu me conseilles aussi de changer d'antivirus. Est-ce que je supprime avast d'abord, ou bien je télécharge l'autre et je supprime avast ensuite?
je vais m´absenter pour un moment,
telecharge antivir sur ton bureau >, coupe toi du net desinstale avast et commence l´instal d´antivir et au moment de faire la mise a jour connecte toi a nouveau
telecharge antivir sur ton bureau >, coupe toi du net desinstale avast et commence l´instal d´antivir et au moment de faire la mise a jour connecte toi a nouveau
J'ai installé antivir, et fait un scan. Le voici:
AntiVir PersonalEdition Classic
Report file date: vendredi 23 novembre 2007 14:57
Scanning for 1036370 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: PC180812781824
Version information:
BUILD.DAT : 269 15604 Bytes 10/09/2007 14:31:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 12:32:40
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 12:32:46
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 17:21:02
ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 28/08/2007 07:22:36
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 17:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 23 novembre 2007 14:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'HPQTOA~1.EXE' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'optproxy.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned
Scan process 'SyncManager.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'Voxsync.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'Reader_SL.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'QPService.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'HP Wireless Assistant.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '37' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\runtime2.sys.vir
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47b4e0d2.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP181\A0052265.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4776e34a.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP183\A0070403.sys
[DETECTION] Contains detection pattern of the rootkit RKIT/Agent.DQ.31.A
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services//Runtime]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Runtime//Enum]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services//Runtime]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME\0000//Control]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME//0000]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root//LEGACY_RUNTIME]
[INFO] The file was moved to '4776e356.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP183\A0070404.exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4776e359.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP184\A0070426.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4776e35e.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP184\A0070429.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4776e360.qua'!
C:\WINDOWS\system32\daqf.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47b7e4b9.qua'!
C:\WINDOWS\system32\foubwzf.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bbe4ce.qua'!
C:\WINDOWS\system32\iuafiinm.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47a7e4da.qua'!
C:\WINDOWS\system32\oxdmmkg.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47aae4ec.qua'!
C:\WINDOWS\system32\tdualgti.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bbe4e3.qua'!
C:\WINDOWS\system32\vltytj.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bae4ef.qua'!
C:\WINDOWS\system32\zmqr.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47b7e4f9.qua'!
Begin scan in 'D:\' <PRESARIO_RP>
End of the scan: vendredi 23 novembre 2007 15:33
Used time: 36:12 min
The scan has been done completely.
5765 Scanning directories
301194 Files were scanned
12 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
13 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
301182 Files not concerned
8380 Archives were scanned
2 Warnings
10 Notes
A mon tour de m'absenter. Je n'ai pas réussi à installer le firewall (en anglais, et payant à priori)
Comment je fais maintenant (enfin, à mon retour plutôt?)
AntiVir PersonalEdition Classic
Report file date: vendredi 23 novembre 2007 14:57
Scanning for 1036370 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: PC180812781824
Version information:
BUILD.DAT : 269 15604 Bytes 10/09/2007 14:31:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31/05/2006 12:32:40
ANTIVIR1.VDF : 6.39.0.129 7251968 Bytes 10/07/2007 12:32:46
ANTIVIR2.VDF : 6.39.1.43 1542656 Bytes 25/08/2007 17:21:02
ANTIVIR3.VDF : 6.39.1.51 29696 Bytes 28/08/2007 07:22:36
AVEWIN32.DLL : 7.6.0.5 2789888 Bytes 29/08/2007 17:09:10
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: vendredi 23 novembre 2007 14:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'HPQTOA~1.EXE' - '1' Module(s) have been scanned
Scan process 'Watch.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'optproxy.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned
Scan process 'SyncManager.exe' - '1' Module(s) have been scanned
Scan process 'ALERTM~1.EXE' - '1' Module(s) have been scanned
Scan process 'PollingModule.exe' - '1' Module(s) have been scanned
Scan process 'Inactivity.exe' - '1' Module(s) have been scanned
Scan process 'Toaster.exe' - '1' Module(s) have been scanned
Scan process 'ComComp.exe' - '1' Module(s) have been scanned
Scan process 'Voxsync.exe' - '1' Module(s) have been scanned
Scan process 'GestionnaireInternet.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'TaskBarIcon.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'Reader_SL.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'QPService.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'HP Wireless Assistant.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '37' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\runtime2.sys.vir
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '47b4e0d2.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP181\A0052265.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was moved to '4776e34a.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP183\A0070403.sys
[DETECTION] Contains detection pattern of the rootkit RKIT/Agent.DQ.31.A
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services//Runtime]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Runtime//Enum]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services//Runtime]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME\0000//Control]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RUNTIME//0000]
[INFO] RKIT/Agent.DQ.31.A:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root//LEGACY_RUNTIME]
[INFO] The file was moved to '4776e356.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP183\A0070404.exe
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '4776e359.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP184\A0070426.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4776e35e.qua'!
C:\System Volume Information\_restore{7B611537-58DE-4087-B3A2-96B0BFF92CB3}\RP184\A0070429.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was moved to '4776e360.qua'!
C:\WINDOWS\system32\daqf.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47b7e4b9.qua'!
C:\WINDOWS\system32\foubwzf.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bbe4ce.qua'!
C:\WINDOWS\system32\iuafiinm.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47a7e4da.qua'!
C:\WINDOWS\system32\oxdmmkg.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47aae4ec.qua'!
C:\WINDOWS\system32\tdualgti.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bbe4e3.qua'!
C:\WINDOWS\system32\vltytj.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47bae4ef.qua'!
C:\WINDOWS\system32\zmqr.exe
[DETECTION] Is the Trojan horse TR/Crypt.NSPI.Gen
[INFO] The file was moved to '47b7e4f9.qua'!
Begin scan in 'D:\' <PRESARIO_RP>
End of the scan: vendredi 23 novembre 2007 15:33
Used time: 36:12 min
The scan has been done completely.
5765 Scanning directories
301194 Files were scanned
12 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
0 files were deleted
0 files were repaired
13 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
301182 Files not concerned
8380 Archives were scanned
2 Warnings
10 Notes
A mon tour de m'absenter. Je n'ai pas réussi à installer le firewall (en anglais, et payant à priori)
Comment je fais maintenant (enfin, à mon retour plutôt?)
salut a ton retour,
vide la quarantaine d´antivir
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
instale kerio, il est en anglais mais avec les tutos tu devrais t en sortir, il est gratuit seulement apres les 30 jour certaines fonctions pas les plus essentielles seront desctivées
puis
passe ceci et post le rapport stp
Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
vide la quarantaine d´antivir
Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.
instale kerio, il est en anglais mais avec les tutos tu devrais t en sortir, il est gratuit seulement apres les 30 jour certaines fonctions pas les plus essentielles seront desctivées
puis
passe ceci et post le rapport stp
Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).
Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)
Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)